Paranoid Penguin - Introduction to SELinux

Besides Type Enforcement, SELinux includes a second model, called Role-Based Access Control (RBAC). Although I'm out of space for now, RBAC builds
on the concepts we've already discussed, providing controls especially
useful when real human users, as opposed to dæmons and other automated
processes, are concerned.

Next time, I'll describe RBAC at length and begin going into greater
depth on how actually to use SELinux, beginning with Fedora and Red Hat's
“targeted” policy. Until then, be safe!

Mick Bauer (darth.elmo@wiremonkeys.org) is Network
Security
Architect for one of the US's largest banks. He is the author of
the O'Reilly book Linux Server Security, 2nd edition
(formerly called
Building Secure Servers With Linux), an occasional
presenter at
information security conferences and composer of the “Network
Engineering Polka”.